//package com.muyou.springbootDemo.util;
//
//import org.apache.shiro.SecurityUtils;
//import org.apache.shiro.authc.AuthenticationException;
//import org.apache.shiro.authc.AuthenticationInfo;
//import org.apache.shiro.authc.AuthenticationToken;
//import org.apache.shiro.authc.SimpleAuthenticationInfo;
//import org.apache.shiro.authc.UsernamePasswordToken;
//import org.apache.shiro.authz.AuthorizationInfo;
//import org.apache.shiro.authz.SimpleAuthorizationInfo;
//import org.apache.shiro.realm.AuthorizingRealm;
//import org.apache.shiro.subject.PrincipalCollection;
//import org.apache.shiro.util.ByteSource;
//
//import com.muyou.springbootDemo.domian.SysPermission;
//import com.muyou.springbootDemo.domian.SysRole;
//import com.muyou.springbootDemo.domian.UserInfo;
//import com.muyou.springbootDemo.service.UserInfoService;
//
//import javax.annotation.Resource;
//
//public class MyShiroRealm extends AuthorizingRealm {
//	@Resource
//	private UserInfoService userInfoService;
//
//	@Override
//	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//		System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
//		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//		UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();
//		for (SysRole role : userInfo.getRoleList()) {
//			authorizationInfo.addRole(role.getRole());
//			for (SysPermission p : role.getPermissions()) {
//				authorizationInfo.addStringPermission(p.getPermission());
//			}
//		}
//		return authorizationInfo;
//	}
//
//	/* 主要是用来进行身份认证的，也就是说验证用户输入的账号和密码是否正确。 */
//	@Override
//	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//		System.out.println("MyShiroRealm.doGetAuthenticationInfo()");
//		// 获取用户的输入的账号.
////		String username = (String) token.getPrincipal();
////		System.out.println(token.getCredentials());
//		// 1. 把 AuthenticationToken 转换为 UsernamePasswordToken
//		UsernamePasswordToken upToken = (UsernamePasswordToken) token;
//		// 2. 从 UsernamePasswordToken 中来获取 username
//		String username = upToken.getUsername();
//		// 通过username从数据库中查找 User对象，如果找到，没找到.
//		// 实际项目中，这里可以根据实际情况做缓存，如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
//		UserInfo userInfo = userInfoService.findByUsername(username);
//		System.out.println("----->>userInfo=" + userInfo);
//		if (userInfo == null) {
//			return null;
//		}
//		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(userInfo, // 用户名
//				userInfo.getPassword(), // 密码
//				ByteSource.Util.bytes(userInfo.getCredentialsSalt()), // salt=username+salt
//				getName() // realm name
//		);
//		SecurityUtils.getSubject().getSession().setAttribute("currentUserInfo", userInfo);
//		return authenticationInfo;
//	}
//
//}
